@libravatar alright, thanks for letting me know.

If this idea is ever to come up again, I'd be happy to join the discussion and/or development.

Until then, federated libravatar appears to be the most open and decentralized solution so that is what we must support.

@sheogorath @ilpianista

@libravatar WKD on the other hand is just a simple file hosted on a server, accessible by a predictable URL. No need to install a WKD server or set any DNS records.

datatracker.ietf.org/doc/draft

This is an attempt to lower barriers of entry. Do you happen to know if there's any work in this direction?

@sheogorath @ilpianista

@libravatar reading the API documentation, I think libravatar's federated approach is not entirely what I was looking for.

It's great considering the alternative!

But every request still needs to be processed by a libravatar server, right? So the end-user must set DNS records and host a server implementation, correct?

@sheogorath @ilpianista

@sheogorath ohhh that link just made the penny drop, thanks! Yes, that is what we need. Perhaps if Keyoxide has guides that puts federated avatars front and center, we can get a few more people to start adopting it.

@libravatar @ilpianista

@libravatar are you aware of WKD? Just in case, it's a standard for putting cryptographic keys on personal servers behind a URL that can be computed based on the identifier. So knowing just the identifier "bob@domain.tld", you can easily download bob's key from his server on domain.tld

No need for a centralized service.

Do you happen to know if there's a similar thing for avatars? If you have a personal server, you can easily store an image there

@ilpianista

@libravatar @ilpianista thanks for that PR, great feeling when people feel passionate enough to contribute ๐Ÿค—

There had been an earlier libravatar issue and at that moment, I had to put it on hold because of (poor) code design choices I had made ๐Ÿ˜

With the Keyoxide 3.0.0 rewrite, this is now feasible. We must give key holders the choice of avatar provider. But I wouldn't mind setting defaults that favor decentralized options!

@michael yeah we tried making it standard but no luck.

As for the CLI, JS is indeed not an optimal choice but they're all stepping stones. When you're not a multimillion company, you need a few more of those.

Though at this moment not my highest priority, the CLI will also be rewritten, likely in rust

@musicmatze

Keyoxide boosted

Here's what a new profile page looks like: keyoxide.org/hkp/9f0048ac0b233

Also, have a look at @keyoxide fediverse account, it now shows a fancy green tick next to the Keyoxide profile link โœ…

Show thread

So excited to announce Keyoxide version 3.0.0 ๐ŸŽ‰

This update was worth the wait, with a (much needed ๐Ÿ˜Ž) redesign that is cleaner and more consistent that before.

Now also featuring server-side rendering! So not only pretty darn fast, but also parseable by Mastodon! Keyoxide links in Mastodon bio with a โœ… for everyone ๐Ÿคฉ

Thank all for your support. Here's to taking our online identity back from Big Tech!

yarmo.eu/post/keyoxide-project

Keyoxide boosted

I finally took the time to setup my profile. You can find it here: keyoxide.org/1B4C9964EAC751738 Thanks to @yarmo for creating that awesome piece of software.

@finlaydag33k sorry for my delayed reply! Yes, this is possible, though we haven't tested this yet. I'd love to test this out with you.

@heii indeed, it now is.

I wanted to thank you for your message last night (for Europeans), after reading I immediately restarted the proxy server and that fixed it.

Interestingly, the health status of the proxy server showed no issue ๐Ÿค” unsure how it failed!

@ben no such thing as a dumb question.

Currently not, but that is a good idea! One that I, to be quite frank, had never considered and now find ridiculously obvious. Easy enough to implement, will do so soon!

@yisraeldov @yarmo interesting glitch ๐Ÿค” hadn't noticed that before, I'll have a look!

2.5.0 just launched with support for and identity verification ๐ŸŽ‰

More communication platforms!

Details can be found in the blog post: yarmo.eu/post/keyoxide-project

@maxi @kubikpixel you are spot on on many aspects there!

- yes, one needs advanced tech skills and this is not ideal
- the website is too vague on defining certain concepts
- we need apps/gui and an android app should work with openkeychain

I am currently working on a big overhaul of the website and the information it displays. Within months, I hope to release an android app that does most of the basic functions.

I'll post updates as soon as something is ready :)

Keyoxide boosted

Yes, they patched it, but I still don't like #Keybase, also because it was (partially) bought by #Zoom. I use the decentralized solution @keyoxide for this and yes it is more complex but you only do this once and then you have it. Apart from that there should now be a #shell #script for it.

#privacy #security #itsecurity #itsec #verify

zdnet.com/article/keybase-patc

Show older
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.